Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Guidelines for the Secure Deployment of IPv6

Published

Author(s)

Sheila E. Frankel, Richard Graveman, John Pearce, Mark Rooks

Abstract

Due to the exhaustion of IPv4 address space, and the Office of Management and Budget (OMB) mandate that U.S. federal agencies begin to use the IPv6 protocol, NIST undertook the development of a guide to help educate federal agencies about the possible security risks during their initial IPv6 deployment. Since IPv6 is not backwards compatible with IPv4, organizations will have to change their network infrastructure and systems to deploy IPv6. Organizations should begin now to understand the risks of deploying IPv6, as well as strategies to mitigate such risks. Detailed planning will enable an organization to navigate the process smoothly and securely. This document provides guidelines for organizations to aid in securely deploying IPv6. The goals of this document are to: educate the reader about IPv6 features and the security impacts of those features; provide a comprehensive survey of mechanisms that can be used for the deployment of IPv6; and provide a suggested deployment strategy for moving to an IPv6 environment. After reviewing this document, the reader should have a reasonable understanding of IPv6 and how it compares to IPv4, security impacts of IPv6 features and capabilities, as-yet unknown impacts of IPv6 deployment, and increased knowledge and awareness about the range of IPv4 to IPv6 transition mechanisms.
Citation
Special Publication (NIST SP) - 800-119
Report Number
800-119

Keywords

IPv6, network security, Internet Protocol
Created December 29, 2010, Updated February 19, 2017